Welcome to Network Security! Keeping Our Data Safe Online
Hello! We live in a world where everything is connected – from your phone to your school’s database. While this connectivity is amazing, it also means our personal information and important data are constantly at risk. That's where Network Security comes in!
In this chapter, we will learn how networks are attacked and, more importantly, the clever methods and technologies we use to protect our data and keep our online activities secure. Don't worry if some of the terms seem technical; we’ll break them down using simple examples.
Part 1: Understanding the Threats to Networked Systems
Before we can defend our networks, we need to know who and what we are defending against. Threats usually aim to steal information, damage systems, or stop services from working.
1.1 Unauthorized Access and Interception
This is the simplest form of attack: someone getting into a system or network without permission, or listening in on data that is being sent.
- Unauthorized Access: Imagine a burglar trying to pick the lock on your front door (your network). They want to view or change data they shouldn't see.
- Interception: This is like someone secretly listening to your private phone call while it's being transmitted. Attackers capture data packets as they travel across the network.
1.2 Malicious Software (Malware)
Malware is a general term for any software designed to cause damage or gain unauthorized access to a computer system.
A. Viruses and Worms
These are programmes that infect files and spread themselves to other computers.
- Virus: A virus needs a ‘host’ file (like a document or program) to attach to and execute. When you run the host file, the virus runs too and tries to spread.
- Analogy: A computer virus is like a biological cold. It needs close contact (running an infected file) to jump to a new host and make it sick.
B. Spyware
Spyware is designed to secretly monitor your activity and collect information about you without your knowledge.
- It can record keystrokes (a process called keylogging) to steal usernames, passwords, and credit card numbers.
- It often hides deep within legitimate-looking software.
1.3 Phishing
Phishing is a deceptive technique used to trick users into giving up personal information, usually through emails or fake websites.
- Attackers send emails that look like they come from a trusted source (like a bank, school, or popular company).
- The email often contains an urgent warning ("Your account has been suspended!") and asks the user to click a link to 'verify' their details.
- Once the user enters their data on the fake website, the attacker captures it.
Quick Tip: Always check the sender's email address and hover over links without clicking to see where they really go!
1.4 Denial of Service (DoS) Attacks
A Denial of Service (DoS) attack aims to shut down a website or network service by overwhelming it with massive amounts of requests, making it unusable for legitimate users.
- Imagine a popular shop with only one door. If thousands of people try to rush through that single door at the exact same moment, the door jams, and no one can get in—even the legitimate customers.
- The web server cannot cope with the sheer volume of traffic and crashes or slows down dramatically.
Key Takeaway for Part 1: The main threats are unauthorized access (hacking/snooping), malicious software (viruses/spyware), trickery (phishing), and stopping services from running (DoS attacks).
Part 2: Essential Network Protection Methods
To combat these threats, we rely on a combination of hardware, software, and user practices. These methods ensure the Confidentiality (privacy), Integrity (accuracy), and Availability (accessibility) of our data.
2.1 Authentication: User IDs and Passwords
Authentication is the process of verifying a user’s identity before granting them access to a system.
A. Strong Passwords
The first line of defense is a strong password. A strong password should:
- Be long (at least 8-10 characters).
- Contain a mix of upper-case letters, lower-case letters, numbers, and symbols.
- Not be dictionary words or easily guessable information (like your name or birthday).
B. Two-Factor Authentication (2FA)
This is a major improvement on simple passwords. 2FA requires the user to provide two different pieces of evidence to prove their identity.
This often involves:
- Something you know (the password).
- Something you have (a code sent to your mobile phone, or generated by an app).
Did you know? Even if a hacker steals your password, they cannot log in without the physical device that generates the second factor code, making 2FA very secure!
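Added example (not part of the original notes): how an authenticator app produces the "something you have" code, using the standard time-based one-time password method (RFC 6238), and a login check that needs both factors. The account data, the password and the three-window clock tolerance are assumptions made for illustration; the shared secret is the RFC's published test value.

```python
import base64
import hashlib
import hmac
import struct

def totp(secret_b32, unix_time, step=30, digits=6):
    """Time-based one-time code (RFC 6238, HMAC-SHA1) for the given moment."""
    counter = int(unix_time) // step          # how many 30-second windows have passed
    key = base64.b32decode(secret_b32)        # secret shared by the server and the app
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                   # "dynamic truncation" picks 4 bytes
    number = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(number % 10 ** digits).zfill(digits)

def hash_password(password, salt):
    """The server stores a slow, salted hash, never the password itself."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def login(account, password, code, now):
    """Grant access only when BOTH factors are correct."""
    knows = hmac.compare_digest(hash_password(password, account["salt"]),
                                account["pw_hash"])
    # Assumption: accept the previous, current and next window for clock drift.
    has = any(hmac.compare_digest(code, totp(account["secret"], now + d * 30))
              for d in (-1, 0, 1))
    return knows and has

# Constructed account record; a real system would use a random salt and secret.
ACCOUNT = {
    "salt": b"constructed-salt",
    "pw_hash": hash_password("correct horse battery", b"constructed-salt"),
    "secret": base64.b32encode(b"12345678901234567890").decode(),  # RFC 6238 test secret
}
```

With this account, login(ACCOUNT, "correct horse battery", "000000", 59) is refused even though the password is right, because the code does not match what the device would show at that moment.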
2.2 Firewalls
A Firewall is a security system that acts as a barrier between your internal network (or computer) and the outside world (the internet).
- It can be implemented as hardware (a dedicated box) or software (running on your operating system).
- The firewall checks every incoming and outgoing data packet against a set of rules.
- If the packet matches a rule that says "ALLOW," the packet passes. If it matches a rule that says "DENY" (like blocking traffic from a known attacker’s address), the packet is dropped.
Analogy: A firewall is like a security checkpoint at a border crossing. It examines every person (data packet) trying to enter or leave to make sure they are authorized and follow the rules.
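Added example (not part of the original notes): a small Python model of the rule check described above, where each packet is compared with the rules from top to bottom and the first matching rule decides. The rule list, the addresses (reserved documentation ranges) and the "DENY when nothing matches" default are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    action: str               # "ALLOW" or "DENY"
    direction: str            # "in", "out" or "any"
    source: str               # network the packet comes from, in CIDR form
    dest_port: Optional[int]  # None means "any port"

def decide(rules, direction, src_ip, dest_port, default="DENY"):
    """Return (action, rule number) for one packet; the first matching rule wins."""
    for number, rule in enumerate(rules, start=1):
        if rule.direction not in ("any", direction):
            continue
        if ipaddress.ip_address(src_ip) not in ipaddress.ip_network(rule.source):
            continue
        if rule.dest_port is not None and rule.dest_port != dest_port:
            continue
        return rule.action, number
    return default, None      # assumption: anything not explicitly allowed is dropped

# Constructed rule set for a small network.
RULES = [
    Rule("DENY", "in", "203.0.113.66/32", None),   # known attacker's address
    Rule("ALLOW", "in", "0.0.0.0/0", 443),         # anyone may reach the HTTPS server
    Rule("ALLOW", "out", "192.168.1.0/24", None),  # internal computers may go out
]

if __name__ == "__main__":
    packets = [("in", "203.0.113.66", 443), ("in", "198.51.100.7", 443),
               ("in", "198.51.100.7", 23), ("out", "192.168.1.20", 80)]
    for packet in packets:
        print(packet, "->", decide(RULES, *packet))
```

Rule order matters: if rule 2 came before rule 1, the known attacker's packet to port 443 would match ALLOW first and pass.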
2.3 Anti-Malware Software
This software, often called Antivirus or Anti-Spyware, is crucial for detecting, preventing, and removing malicious software.
- It constantly scans files and memory.
- It uses a definition file (a list of known malware signatures) to identify threats.
- Crucial Point: Anti-malware software must be regularly updated to protect against the latest, newly created threats.
2.4 Encryption
Encryption is the process of scrambling data so that it is unreadable to anyone without the correct key.
- Plaintext: The original, readable data (e.g., "Hello world").
- Encryption Algorithm: A mathematical process scrambles the plaintext using a Key.
- Ciphertext: The resulting scrambled, unreadable data (e.g., "$@&B82%").
- Decryption: The authorized recipient uses the same or a related key to turn the ciphertext back into readable plaintext.
Example: When you send a private message on a secure app, the message is encrypted before it leaves your phone. If a hacker intercepts the data during transmission, all they see is useless ciphertext, not your private message.
Encryption is used everywhere, including secure websites (look for HTTPS and the padlock icon).
2.5 Access Rights and User Privileges
Not all users should be able to do everything on a system. Access Rights (or User Privileges) ensure that users can only interact with the data and functions necessary for their role.
Administrators assign specific rights, such as:
- Read-only access: Can view the file but not change it.
- Read/Write access: Can view and change the file.
- Full control/Administrator: Can view, change, delete, and manage security settings.
Example: In a school network, students might have Read-only access to important administrative files, while teachers have Read/Write access to lesson materials. This prevents accidental or malicious damage to critical data.
2.6 Digital Certificates
How do you know that the website you are entering your bank details into is actually your bank, and not a phishing site?
A Digital Certificate helps confirm the identity of a website or server. They are issued by trusted third parties (Certificate Authorities).
- When you connect to a secure website (HTTPS), the server presents its digital certificate to your browser.
- The certificate proves that the website owner is who they claim to be and confirms that the connection is encrypted.
- If the certificate is invalid or missing, your browser will warn you, helping to prevent you from falling for fake sites.
Quick Review:
- Authentication: Proving who you are (IDs/Passwords/2FA).
- Firewall: Filtering traffic and blocking unauthorized access.
- Anti-Malware: Stopping viruses and spyware.
- Encryption: Scrambling data for privacy during transmission.
- Access Rights: Limiting what users can see and do.
- Digital Certificates: Proving a website’s identity.
Key Takeaway for Part 2: Network security relies on multiple layers of defense, including verification (authentication), barriers (firewalls), encoding (encryption), and restricting permissions (access rights).